Exercises and Information Security - Information Technology Zone

Case in point: taking stock of the CrowdStrike outages

CIO Business Intelligence

APRIL 2, 2025

Immediately after the CrowdStrike outage happened, for example, Akamai ran a tabletop exercise. The exercise even involved running through CrowdStrikes remediation process. The exercise worked, she says, and Akamai wouldve been able to recover if the bad update had slipped through the checks. Prouty asks.

CTO Hire

CTO Hire Fractional CTO Exercises Software

Protecting content in the digital age: Navigating the evolving threat landscape in media publishing

CIO Business Intelligence

AUGUST 28, 2024

In this exclusive interview, we sit down with Anoop Kumar, Head of Information Security Governance Risk and Compliance at GulfNews, Al Nisr Publishing, to discuss the evolving challenges of cybersecurity in the media industry.

Media

Media Information Security Education Guidelines

Patient Portal Puts a Spotlight on Secure Messaging

CTOvision

AUGUST 15, 2014

. ‘OAuth’ security, utilizing UserID, and password tokens to access data may all be effective solutions to limit access to specific information, especially when implemented as part of a larger identity management solution.

Security

Security Healthcare Authentication Information Security

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

4 methods to help CIOs manage cyber stress

CIO Business Intelligence

SEPTEMBER 22, 2022

Seeing that hackers don’t work 9 to 5, IT and information security professionals generally don’t get enough rest, says Itumeleng Makgati, group information security executive at Standard Bank. Exercise empathy and compassion. The experts share their four top tips below. . Encourage your teams to slow things down.

Information Security

Information Security Survey Security Meeting

The evolving role of security and IT in DR and incident response

CIO Business Intelligence

JULY 25, 2024

Collaboration between IT and security operations The chief information security officer (CISO) and the SOC are at the forefront of preventing and responding to security incidents. Quick and effective response is crucial, but equally important is the collaboration between IT operations and security operations.

Security

Security Devops Fractional CTO Exercises

Strengthening Retail’s Resilience Against Ransomware

CIO Business Intelligence

OCTOBER 5, 2022

By Ashok Rutthan, Chief information security officer at Massmart. First, it’s essential that retailers practice their responses to an attack; our company continuously does tabletop learning exercises. Data and Information Security, IT Leadership How Retailers Can Become More Resilient Against Ransomware.

Retail

Retail Information Security Education Exercises

What IT leaders from BlackBerry, CN and Microsoft Canada and more predict for the future of InfoSec

CIO Business Intelligence

MAY 16, 2022

McClurg is among the speakers at The Canadian CSO Future of Information Security Summit , taking place virtually May 18 and 19. Gathering security executives from a variety of industries across Canada, the summit will focus on mitigating risk and building market trust.

Microsoft

Microsoft Information Security Strategy Airlines

What transformational leaders too often overlook

CIO Business Intelligence

OCTOBER 28, 2022

High-performing CIOs know that digital mastery depends on a strong foundation of rock-solid infrastructure, information security, enterprise data management, and sound IT governance. But for all the emphasis on cutting-edge technology for business transformation, IT infrastructure too often gets short shrift.

Enterprise

Enterprise Enterprise Engineering Web Services

Critical Actions Post Data Breach

SecureWorld News

DECEMBER 30, 2024

ISO 22398: Covers the principles of planning, conducting, and developing training programs to prepare teams for critical situations through practical exercises and simulations. Conclusion Effective security measures not only help mitigate the impact of a cyberattack but also significantly reduce the chances of one occurring.

Data

Data Business Continuity Exercises Security

How to Improve Your Organization’s Cyber Resiliency

CIO Business Intelligence

SEPTEMBER 23, 2022

The practice brings together formerly separate disciplines of information security, business continuity, and disaster response (BC/DR) deployed to meet common goals. It’s about making sure there are regular test exercises that ensure that the data backup is going to be useful if worse comes to worst.”.

How To

How To Backup Exercises Disaster Recovery

2 Innovations That Can Tip the Balance in Cybersecurity

CIO Business Intelligence

JANUARY 13, 2023

Army Major General and Vice President and Federal Chief Security Officer for Palo Alto Networks What critical innovations can change the balance in cybersecurity, providing those of us responsible for defending our organizations with more capabilities against those who would do us harm? This is not just a theoretical exercise.

Network

Network Software Software Security

16 best entry-level IT certifications to launch your career

CIO Business Intelligence

OCTOBER 27, 2023

GIAC Information Security Fundamentals (GISF) The GIAC Information Security Fundamentals certification is offered through the GIAC, covering the foundations of IT security, networking, cryptography, and cybersecurity. Exam fee : Prices range from $75 to $125 per exam.

SCRUM

SCRUM Project Management Course Network

Lessons from the Synergy Forum: Affordability of Cybersecurity & Risk Management

CTOvision

MAY 28, 2015

For example, if an organization uses an outdated operating system in an effort to cut costs, it is highly unlikely that the same organization will utilize cybersecurity professionals to bolster its information security – it is not even exercising basic cybersecurity hygiene by using outdated software.

Information Security

Information Security Exercises Government Enterprise

25 enterprise tech predictions and goals for 2025, from APAC CIOs

CIO Business Intelligence

FEBRUARY 3, 2025

src="[link] alt="gabriel tuason" loading="lazy" width="400px"> Gabriel Tuason Head, Information Security (Energy Development Corporation) Aside fromcyberincidents escalating due to AI-driven attacks,organisations will start shiftingtheir programs and priorities from cybersecurity to cyber resilience.

Enterprise

Enterprise Enterprise Cloud Programming

7 common IT training mistakes to avoid

CIO Business Intelligence

APRIL 26, 2023

Treating training as a checkbox exercise sends the message to your team that you don’t really care all that much about the content they’re learning — and that mindset is contagious,” warns Steve Ryan, a manager at BARR Advisory, a cloud-based security and compliance solutions provider. Ryan points to security training as an example.

Training

Training Programming Exercises Fractional CTO

The essential check list for effective data democratization

CIO Business Intelligence

JANUARY 20, 2023

A big part of preparing data to be shared is an exercise in data normalization, says Juan Orlandini, chief architect and distinguished engineer at Insight Enterprises. Exercising tactful platform selection In many cases, only IT has access to data and data intelligence tools in organizations that don’t practice data democratization.

Data

Data Architecture Training Tools

Rethinking enterprise architects’ roles for agile transformation

CIO Business Intelligence

SEPTEMBER 17, 2024

Enterprise architects can act as program sponsors, especially around infrastructure and risk-mediating investments required by IT operations, information security, and data governance functions. Architects are uniquely positioned to connect problems with solutions and provide objective input on where to prioritize investments.

Agile

Agile Enterprise Enterprise Architecture

Unlock Your Cybersecurity Potential: SecureWorld PLUS Training Courses

SecureWorld News

JANUARY 22, 2025

Interactive learning : Engage in practical exercises and collaborative discussions. Meet the instructors Larry Wilson , CISSP, CISA, was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Expert-led training : Learn directly from industry leaders with decades of experience.

Course

Course Training Information Security Artificial Intelligence

Best practices for developing an actionable cyberresilience road map

CIO Business Intelligence

MARCH 8, 2023

The practice brings together formerly separate disciplines of information security, business continuity, and disaster response (BC/DR) deployed to meet common goals. It’s about making sure there are regular test exercises that ensure that the data backup is going to be useful if worse comes to worst.”

Development

Development Backup Exercises Disaster Recovery

Buyer’s guide: Data protection for hybrid clouds

Network World

NOVEMBER 4, 2024

Do I conduct regularly scheduled tabletop disaster-recovery exercises ? Have I done an assessment of how long the company can endure an outage before critical business processes are affected? Do I have a disaster recovery plan that meets those recovery-time objectives?

Disaster Recovery

Disaster Recovery Cloud Data Backup

The customers and communities that drive Beyond Bank’s tech strategy

CIO Business Intelligence

JULY 10, 2024

We also have things like red teaming exercise drills and game days. And in terms of designing new solutions, I think it’s critical we embed controls to ensure things are secure by design right up front. Like any skill, you’re learning.

Strategy

Strategy Banking Financial Data

A Combined Broadcom & VMware: Clouds and Sovereignty

CIO Business Intelligence

DECEMBER 19, 2022

Just as important, we will invest in our innovation engine and long-term product improvement to drive new, customer-centric solutions for the multi-cloud era and empower more customers to exercise their own sovereign choices when storing and managing data. To stay updated on the news about the transaction, click here.

Vmware

Vmware Cloud Security Government

Internal memo: Microsoft makes security a ‘core priority’ for employee review process

GeekWire

AUGUST 5, 2024

“The Security Core Priority is not a check-the-box compliance exercise; it is a way for every employee and manager to commit to — and be accountable for — prioritizing security, and a way for us to codify your contributions and to recognize you for your impact,” Hogan wrote. Microsoft CEO Satya Nadella.

Microsoft

Microsoft Security Exercises Report

MACH37: America’s premier market-centric cybersecurity accelerator

CTOvision

SEPTEMBER 14, 2013

This new generation of technology increases the ability of Chief Information Security Officer’s to train, exercise, test, model and simulate through on demand replication of cyber infrastructure. Cypherpath provides the only on demand platform for realistic cyber-experiences.

Programming

Programming Security CTO Hire Network

Combatting Phishing with Enhanced Cybersecurity Awareness Programs

SecureWorld News

OCTOBER 24, 2023

At the end of the day, it turned out that this was the work of the company's information security team, aimed at showing management how simply attackers could gather data for targeted phishing campaigns. They are not designed for executing cyber exercises, and HR professionals typically lack the expertise in this specific domain.

Programming

Programming Training Information Security Course

Cloud Security Alliance Federal Summit 5 May in DC

CTOvision

MAY 1, 2015

Cloud Security Alliance has put together a stellar program of thought leaders from government and the private sector to provide key insights into security compliance, architecture, technology and defending the latest threats.

Cloud

Cloud Security Adobe Government

People Skills Outweigh Technical Prowess in the Best Security Leaders

SecureWorld News

OCTOBER 5, 2023

But it is vital as they fight for cybersecurity budget, try to explain risk, and explain the importance of line items such as security awareness training, blue, red and purple team exercises, and more.

Security

Security Resources Government Exercises

The Rise of Data Sovereignty and a Privacy Era

SecureWorld News

JUNE 24, 2024

The TRIAD Model During my career as a CISO, I relied on my TRIAD Model to envision, enact, and mobilize Information Security & Privacy strategic planning and roadmap execution activities with foundational pillars as illustrated below. Business continuity plans can help mitigate disruptive incidents.

Data

Data Policies Security Information Security

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

SecureWorld News

JULY 31, 2023

For sanity, manage to a written information security policy. The best way to accomplish this goal is to perform a tabletop exercise (TTX) with a third-party organization and look at the results through the results lens of a regulatory body working with outside general counsel.

Exercises

Exercises Disaster Recovery Programming Education

Quantum Computing: A Looming Threat to Organizations and Nation States

SecureWorld News

SEPTEMBER 7, 2023

Director of Information Security, State of Colorado Governor's Office of Information Technology; and Toby Zimmerer, Sr. This reveals how painful of an exercise it can be without a lifecycle understanding of our cryptographic components." Demand and Delivery Director, Optiv.

Security

Security Information Security Agile Architecture

Experience “The Big Pivot”

Cloud Musings

FEBRUARY 20, 2018

Manage data as currency The Big Pivot Episode 6 presents a thought exercise that compares the CIO’s role managing data to that of the CFO managing currency by asking: Does the CFO let each functional organization keep and manage the revenue it makes ?

Enterprise

Enterprise Enterprise Data Security

Penetration Testing Remote Workers

SecureWorld News

JUNE 28, 2020

This is no different than a threat actor in the real world and should be included in your exercise to vet out potential risks. The network topology for remote access should not be given to a pentester during an exercise, but rather they should be asked if they can map out the vendors, network, and process for remote access.

Social

Social Network Engineering Authentication

You've Made the Ascent to CISO. Now What?

SecureWorld News

JANUARY 3, 2025

However, assuming you are inheriting an existing organization, you will likely begin with an assessment of the existing security team's capabilities, challenges, and potential. By understanding this history, you can proactively address potential concerns, rebuild trust, and chart a security strategy that is likely to be successful.

Budget

Budget Security Disaster Recovery Strategy

Top Certifications in Cybersecurity and How they Can Advance Your Career

SecureWorld News

JULY 25, 2023

As organizations across industries grapple with escalating cyber risks, the demand for skilled information security professionals has skyrocketed. Take the time needed to comprehend the topics, reinforce your knowledge through practice, and build practical skills through hands-on exercises or real-world projects.

Study

Study Education Training Course

Jen Easterly Takes Charge of CISA At Black Hack USA 2021

ForAllSecure

AUGUST 18, 2021

It’s first directory, Chris Krebs, was fired by then-president Tump for saying that the 2020 election was the most secure election in history. Easterly first cleared up one of the biggest challenges facing information security today-- how to pronounce “CISA. exercise these whole nation attack plans to prepare.

Exercises

Exercises Web Services Security Information Security

Battling Burnout: A Growing Concern for CISOs and Security Professionals

SecureWorld News

JUNE 20, 2024

As defenders of digital assets, Chief Information Security Officers (CISOs) and cybersecurity professionals face immense pressure, often leading to burnout. It includes exercises, meditations, food and mental health suggestions/tips, and more— including links to additional resources.

Security

Security Study Report Budget

Fantastic or Frightening: FBI Accesses [Your?] Exchange Servers to Stop Attacks

SecureWorld News

APRIL 14, 2021

We'll need to exercise good judgment and due care to preserve the balance between acting in the public good and affording proper protections for private entities.".

Fractional CTO

Fractional CTO Microsoft CTO Government

Using ChatGPT to Become Irresistible to Hiring Managers

SecureWorld News

SEPTEMBER 12, 2023

Information Security 2. Security Incident Response 5. Certified Information Systems Security Professional (CISSP) **Major Themes** 1. For this exercise, I'm using a different job description for a Senior Security Analyst and an anonymous excerpt of an original resume from someone I previously coached.

Windows

Windows Security Programming Development

Security Experts Assess 2.0 Draft of NIST Cybersecurity Framework

SecureWorld News

AUGUST 23, 2023

Defending and Investigating Advanced Intrusions on Secure Email Gateways" at SecureWorld Dallas on Oct. Defending and Investigating Advanced Intrusions on Secure Email Gateways" at SecureWorld Dallas on Oct. Nader Zaveri – Sr. Remediation and Incident Response Manager at Mandiant will speak on "Special Delivery!

Security

Security Government Policies Examples

Apple Watch Series 6 review: minute improvements

The Verge

OCTOBER 1, 2020

That means I’m getting about a day and a half (including sleep) on a single charge, but less if I use it for exercise tracking. It has very good fitness and health tracking, and Apple’s Health app keeps that information secure and private unless you purposefully share it.

Apple

Apple Study Exercises System

10 Top Ways: Building an Effective Cybersecurity Awareness Campaign

SecureWorld News

OCTOBER 27, 2021

If these things are true, how do we share information with others in a way that is proven to work and create a culture of security? Security awareness and how you talk about cybersecurity. She says when people realize what they are learning in cybersecurity are transferrable life skills, they are more likely to find value.

Survey

Survey Training Security Social

Here’s who Apple and Epic are calling to testify in next week’s trial

The Verge

APRIL 28, 2021

Epic argues that Apple unfairly kicked its hit game Fortnite off the App Store last year, exercising an illegal monopoly over the ubiquitous iOS platform. Apple claims Epic is trying to break the iOS platform’s vaunted safety and security for its own gain. Francine LaFontaine , professor of economics, University of Michigan.

Apple

Apple Policies Engineering Fractional VPE

The Hacker Mind Podcast: Hacking Diversity

ForAllSecure

APRIL 7, 2021

I've got a lot of industry certifications, but having all those paper degrees proved to be a poor equivalent to having actual hands on experience in information security. Vamosi: So what am I missing here. Here's an accomplished woman with five master's degrees and 15 years of experience in it.

Study

Study Security Information Security Examples

The Hacker Mind Podcast: Hacking Diversity

ForAllSecure

APRIL 7, 2021

I've got a lot of industry certifications, but having all those paper degrees proved to be a poor equivalent to having actual hands on experience in information security. Vamosi: So what am I missing here. Here's an accomplished woman with five master's degrees and 15 years of experience in it.

Study

Study Security Information Security Examples

Case in point: taking stock of the CrowdStrike outages

Protecting content in the digital age: Navigating the evolving threat landscape in media publishing

Webinars

Trending Sources

Patient Portal Puts a Spotlight on Secure Messaging

Webinars

4 methods to help CIOs manage cyber stress

The evolving role of security and IT in DR and incident response

Strengthening Retail’s Resilience Against Ransomware

What IT leaders from BlackBerry, CN and Microsoft Canada and more predict for the future of InfoSec

What transformational leaders too often overlook

Critical Actions Post Data Breach

How to Improve Your Organization’s Cyber Resiliency

2 Innovations That Can Tip the Balance in Cybersecurity

16 best entry-level IT certifications to launch your career

Lessons from the Synergy Forum: Affordability of Cybersecurity & Risk Management

25 enterprise tech predictions and goals for 2025, from APAC CIOs

7 common IT training mistakes to avoid

The essential check list for effective data democratization

Rethinking enterprise architects’ roles for agile transformation

Unlock Your Cybersecurity Potential: SecureWorld PLUS Training Courses

Best practices for developing an actionable cyberresilience road map

Buyer’s guide: Data protection for hybrid clouds

The customers and communities that drive Beyond Bank’s tech strategy

A Combined Broadcom & VMware: Clouds and Sovereignty

Internal memo: Microsoft makes security a ‘core priority’ for employee review process

MACH37: America’s premier market-centric cybersecurity accelerator

Combatting Phishing with Enhanced Cybersecurity Awareness Programs

Cloud Security Alliance Federal Summit 5 May in DC

People Skills Outweigh Technical Prowess in the Best Security Leaders

The Rise of Data Sovereignty and a Privacy Era

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

Quantum Computing: A Looming Threat to Organizations and Nation States

Experience “The Big Pivot”

Penetration Testing Remote Workers

You've Made the Ascent to CISO. Now What?

Top Certifications in Cybersecurity and How they Can Advance Your Career

Jen Easterly Takes Charge of CISA At Black Hack USA 2021

Battling Burnout: A Growing Concern for CISOs and Security Professionals

Fantastic or Frightening: FBI Accesses [Your?] Exchange Servers to Stop Attacks

Using ChatGPT to Become Irresistible to Hiring Managers

Security Experts Assess 2.0 Draft of NIST Cybersecurity Framework

Apple Watch Series 6 review: minute improvements

10 Top Ways: Building an Effective Cybersecurity Awareness Campaign

Here’s who Apple and Epic are calling to testify in next week’s trial

The Hacker Mind Podcast: Hacking Diversity

The Hacker Mind Podcast: Hacking Diversity

Stay Connected